aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSilvio Rhatto <rhatto@riseup.net>2011-11-28 23:37:28 -0200
committerSilvio Rhatto <rhatto@riseup.net>2011-11-28 23:37:28 -0200
commit89ec95b2cf79c77e8e34cc630aefece4de6f80bd (patch)
tree23f9f68eb8c17d9022c54300ce85ca637a5f359f
parent0e07b152ce987eb006319fffb7bb572d5cfdc69c (diff)
downloadpuppet-ssl-89ec95b2cf79c77e8e34cc630aefece4de6f80bd.tar.gz
puppet-ssl-89ec95b2cf79c77e8e34cc630aefece4de6f80bd.tar.bz2
Using ssl::cert to define certificates
-rw-r--r--manifests/init.pp59
1 files changed, 23 insertions, 36 deletions
diff --git a/manifests/init.pp b/manifests/init.pp
index e368530..b758903 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -5,24 +5,6 @@ class ssl {
group => "root",
}
- file { "/etc/ssl/certs/cert.crt":
- ensure => present,
- owner => "root",
- group => "root",
- mode => 644,
- source => "puppet:///modules/site-keys/ssl/cert.crt",
- require => File["/etc/ssl/certs"],
- }
-
- file { "/etc/ssl/private/cert.pem":
- ensure => present,
- owner => "root",
- group => "root",
- mode => 600,
- source => "puppet:///modules/site-keys/ssl/cert.pem",
- require => File["/etc/ssl/private"],
- }
-
file { "/usr/local/bin/ssl-cert-check":
ensure => present,
owner => "root",
@@ -31,6 +13,29 @@ class ssl {
source => "puppet://$server/modules/ssl/ssl-cert-check",
}
+ define cert($ensure = present, $owner = 'root', $group = 'root', $notify = undef,
+ $pubmode = '644', $privmode = '600') {
+ file { "/etc/ssl/certs/$name.crt":
+ ensure => $ensure,
+ owner => $owner,
+ group => $group,
+ mode => $pubmode,
+ source => "puppet:///modules/site-keys/ssl/$name.crt",
+ require => File["/etc/ssl/certs"],
+ notify => $notify,
+ }
+
+ file { "/etc/ssl/private/$name.pem":
+ ensure => $ensure,
+ owner => $owner,
+ group => $group,
+ mode => $privmode,
+ source => "puppet:///modules/site-keys/ssl/$name.pem",
+ require => File["/etc/ssl/private"],
+ notify => $notify,
+ }
+ }
+
define check($port = '443', $interval = '60', $email = 'root',
$hour = '0', $minute = '0', $weekday = '0',
$file = false, $ensure = present) {
@@ -54,21 +59,3 @@ class ssl {
}
}
}
-
-class ssl::mail inherits ssl {
- File['/etc/ssl/private/cert.pem'] {
- group => postfix,
- mode => 0640,
- notify => Service['postfix'],
- }
-
- File['/etc/ssl/certs/cert.crt'] {
- notify => Service['postfix'],
- }
-}
-
-class ssl::proxy inherits ssl {
- File['/etc/ssl/certs/cert.crt', '/etc/ssl/private/cert.pem'] {
- notify => Service['nginx'],
- }
-}